Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pIWHXXPkIUheRXxdbQm9_3TklaE.roa
File: pIWHXXPkIUheRXxdbQm9_3TklaE.roa (raw, json)
Hash identifier: XAtzl++VTykAwEWGOiX0irNbqgoW8HPgxVDZCcBwgyA=
Subject key identifier: A4:85:87:5D:73:E4:21:48:5E:45:7C:5D:6D:09:BD:FF:74:E4:95:A1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0181D3D7435742119993591A3D54E7992197
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pIWHXXPkIUheRXxdbQm9_3TklaE.roa
Signing time: Wed 06 Jul 2022 14:08:28 +0000
ROA not before: Wed 06 Jul 2022 14:08:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210422
IP address blocks: 194.68.41.0/24 maxlen: 24
194.68.63.0/24 maxlen: 24
192.121.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:d7:43:57:42:11:99:93:59:1a:3d:54:e7:99:21:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jul 6 14:08:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a485875d73e421485e457c5d6d09bdff74e495a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f0:7d:51:b5:40:16:ae:f6:e9:e5:1c:ae:db:
24:56:6e:23:4a:af:30:dd:80:9f:ae:e6:02:d1:49:
d6:c3:7c:86:a8:14:8b:6f:a6:61:9f:e2:87:a1:81:
37:08:1b:7b:c4:54:6a:2e:9a:90:43:ea:85:31:d8:
6d:87:70:4b:65:64:50:2a:1f:74:25:dd:e0:25:bd:
e3:1b:82:5e:c7:98:47:80:41:39:a7:cd:22:67:8b:
42:25:09:75:27:c6:87:82:2a:28:8b:f8:95:d8:12:
28:29:62:f1:7a:f1:1d:e3:51:09:47:82:b3:34:3c:
4d:62:77:4b:8b:33:66:66:fc:77:53:e8:4c:de:7a:
61:d6:db:15:0b:b5:2f:22:53:0f:49:92:68:28:5b:
b6:45:fd:3c:08:8e:0d:66:27:74:19:d4:bd:69:37:
eb:75:5c:73:1b:fc:f6:c3:87:9e:fa:34:09:a8:19:
c5:0e:30:ef:c3:1f:c2:78:29:74:f0:05:b9:8c:bb:
dc:13:61:2c:84:a4:dc:d8:40:62:ef:6c:b3:b1:94:
1b:84:8a:c6:af:ba:f9:3f:68:41:68:e6:a3:74:43:
52:6a:49:e2:db:7c:11:41:3e:6a:bd:dc:d7:6a:64:
dd:6f:11:61:b6:81:5b:e8:af:af:1d:9e:6d:08:d3:
ee:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:85:87:5D:73:E4:21:48:5E:45:7C:5D:6D:09:BD:FF:74:E4:95:A1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pIWHXXPkIUheRXxdbQm9_3TklaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.210.0/24
194.68.41.0/24
194.68.63.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:57:04:df:21:ff:b6:aa:64:0e:1d:5b:a7:0d:e5:c3:73:c2:
93:53:5f:55:80:db:11:67:8a:1a:55:18:26:53:ab:20:ff:38:
79:24:a2:9e:c0:02:d4:0a:f9:71:0c:5f:71:42:af:c2:56:5a:
fe:52:ed:d2:ce:21:81:62:e7:3f:c2:6a:72:aa:f9:ed:66:41:
54:75:34:71:42:41:b0:bd:f0:1a:3c:73:a3:16:35:c8:00:ca:
0b:bb:1a:5c:ab:75:bd:72:ce:4e:5a:01:42:94:c0:f1:68:ea:
40:07:e0:43:e0:5d:b3:8c:ea:f1:a9:97:8f:6b:a3:ab:65:a2:
6f:7d:77:a3:c9:31:c9:42:e3:70:20:32:90:6f:d6:7c:82:39:
0e:da:b3:f9:7c:37:42:b6:f7:52:4f:0a:f4:fb:f4:54:b3:e4:
f7:40:20:a5:ad:d4:c0:41:0b:81:8f:e6:ed:f9:7d:0c:f9:20:
34:42:92:e1:60:b7:bf:81:6a:76:4b:33:41:2d:0e:33:37:30:
c2:7b:ba:51:70:bc:36:9c:26:f0:0f:49:21:af:4f:f1:c2:1c:
4e:43:03:71:39:5e:96:0d:ea:11:77:9f:db:27:98:76:34:43:
81:4d:f5:e2:b7:a0:38:6d:a8:d5:6d:77:f2:8a:52:0a:f5:5f:
46:61:c6:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHT10NXQhGZk1kaPVTnmSGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIwNzA2MTQwODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDg1ODc1ZDczZTQyMTQ4NWU0NTdjNWQ2ZDA5YmRmZjc0ZTQ5NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvB9UbVAFq726eUcrtskVm4jSq8w
3YCfruYC0UnWw3yGqBSLb6Zhn+KHoYE3CBt7xFRqLpqQQ+qFMdhth3BLZWRQKh90
Jd3gJb3jG4Jex5hHgEE5p80iZ4tCJQl1J8aHgiooi/iV2BIoKWLxevEd41EJR4Kz
NDxNYndLizNmZvx3U+hM3nph1tsVC7UvIlMPSZJoKFu2Rf08CI4NZid0GdS9aTfr
dVxzG/z2w4ee+jQJqBnFDjDvwx/CeCl08AW5jLvcE2EshKTc2EBi72yzsZQbhIrG
r7r5P2hBaOajdENSakni23wRQT5qvdzXamTdbxFhtoFb6K+vHZ5tCNPutwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKSFh11z5CFIXkV8XW0Jvf905JWhMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvcElXSFhYUGtJVWhlUlh4ZGJRbTlfM1RrbGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHnSAwQA
wkQpAwQAwkQ/MA0GCSqGSIb3DQEBCwUAA4IBAQBaVwTfIf+2qmQOHVunDeXDc8KT
U19VgNsRZ4oaVRgmU6sg/zh5JKKewALUCvlxDF9xQq/CVlr+Uu3SziGBYuc/wmpy
qvntZkFUdTRxQkGwvfAaPHOjFjXIAMoLuxpcq3W9cs5OWgFClMDxaOpAB+BD4F2z
jOrxqZePa6OrZaJvfXejyTHJQuNwIDKQb9Z8gjkO2rP5fDdCtvdSTwr0+/RUs+T3
QCClrdTAQQuBj+bt+X0M+SA0QpLhYLe/gWp2SzNBLQ4zNzDCe7pRcLw2nCbwD0kh
r0/xwhxOQwNxOV6WDeoRd5/bJ5h2NEOBTfXit6A4bajVbXfyilIK9V9GYcb4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org